<?php
/**
 * Prado Portal.
 *
 * @author Steen Rabol <steen.rabol@gmail.com>
 * @link http://www.pradoportal.dk/
 * @copyright Copyright &copy; 2006,2007,2008 Steen Rabol
 * @license http://www.pradoportal.dk
 * @version $Id: PortalAuthManager.php 289 2008-11-14 05:34:40Z steen.rabol@gmail.com $
 * @package Pradoportal.Common
 *
 *
 */

Prado::using('System.Security.TAuthManager');

/**
 *
 * @package Pradoportal.Common
 */

class PortalAuthManager extends TAuthManager
{
	private $_Default			= false;

	public function getDataAccess()
	{
		return $this->Application->DbConnection;
	}

	public function OnAuthorize($param)
	{
		if($this->Application->Parameters['RunMode'] == 'Install')
		{
			return true;
		}

		$db		= $this->DataAccess;
		$p		= $this->Application->getService()->getRequestedPagePath();
		$uid	= $this->Application->User->Id;
		$rid	= $this->Application->User->RoleId;
		$sql	= "select view from tblpermissions where (page='$p' OR page IS NULL or page='' or page='All') AND ((selector='user' AND value='$uid') OR (selector='role' and value='$rid')) order by page desc";
		$res	= $db->createCommand($sql)->query();

		if($res !== false)
		{
			// Traverse results
			foreach ($res as $row)
			{
				// If we get deny here
				$view = TPropertyValue::ensureInteger($row['view']);
				if ( $view != 1)
				{
					$this->DenyRequest();
				}
			}
		}
	}

	public function CanEdit($page = null)
	{
		if($this->Application->Parameters['RunMode'] == 'Install')
		{
			return false;
		}

		$db		= $this->DataAccess;

		if($page === null)
		{
			$p	= $this->Application->getService()->getRequestedPagePath();
		}
		else
		{
			$p	= $page;
		}

		$uid	= $this->Application->User->Id;
		$rid	= $this->Application->User->RoleId;
		$sql	= "select edit from tblpermissions where (page='$p' OR page IS NULL or page = '' or page ='All') AND ((selector='user' AND value='$uid') OR (selector='role' and value='$rid')) order by page desc";
		$res	= $db->createCommand($sql)->query();
		if($res === false || $res->RowCount == 0)
		{
			return false;
		}

		// Traverse results
		foreach ($res as $row)
		{
			// If we get deny here
			$edit = TPropertyValue::ensureInteger($row['edit']);
			if ($edit != 1)
			{
				return false;
			}
		}

		return true;
	}

	public function CanView($page = null)
	{
		if($this->Application->Parameters['RunMode'] == 'Install')
		{
			return true;
		}

		$db		= $this->DataAccess;

		if($page === null)
		{
			$p	= $this->Application->getService()->getRequestedPagePath();
		}
		else
		{
			$p = $page;
		}

		$uid	= $this->Application->User->Id;
		$rid	= $this->Application->User->RoleId;
		$sql	= "select view from tblpermissions where (page='$p' OR page IS NULL) AND ((selector='user' AND value='$uid') OR (selector='role' and value='$rid')) order by page desc";
		$res	= $db->createCommand($sql)->query();

		if($res === false || $res->RowCount == 0)
		{
			return $this->_Default;
		}

		// Traverse results
		foreach ($res as $row)
		{
			// If we get deny here
			$view	= TPropertyValue::ensureInteger($row['view']);
			if ($view != 1)
			{
				return false;
			}
		}

		return true;
	}

	private function DenyRequest()
	{
		$this->getApplication()->getResponse()->setStatusCode(401);
		$this->getApplication()->completeRequest();
	}

	public function getDefault()
	{
		return $this->_Default;
	}

	public function setDefault($value)
	{
		$this->_Default = TPropertyValue::ensureBoolean($value);
	}

	public function logout()
	{
		$userid 	= $this->Application->User->Id;
		$sessionid	= session_id();

		parent::logout();
		$conn			= $this->DataAccess;
		$conn->createCommand("delete from tbluseronline where userid='$userid' and sessionid='$sessionid'")->execute();
	}
}
?>